Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Cybercrime: FFIEC Plans To Boost Online Transaction Authentication Guidelines for US Banks

Jan 31, 2011 5:03:41 AM By Stu Sjouwerman
We picked this news item up from the SANS Newsbites Newsletter, Volume XIII, Issue: 8, dated January 25, 2011, entitled “U.S. Banks to Get Updated Online Authentication Guidelines.” ...
Continue Reading

Symantec Covers Top Social Networking Cyberheist Scams, Including Phishing

Jan 30, 2011 8:49:54 AM By Stu Sjouwerman
The Norton/Symantec “Your Security Resource” newsletter recently featured a story entitled “ Top 5 Social Media Scams” that’s worth a read-through. It talks about the kinds of scams and ...
Continue Reading

Anatomy of a Blantant Phishing Message

Jan 27, 2011 3:49:35 AM By Stu Sjouwerman
In earlier blogs about Phishing (especially Phishing Primer Part 1 and Part 2) we described phishing as an artful attempt to get readers to click links in e-mail, thereby opening ...
Continue Reading

Fabulous Anti-Phishing/Cybercrime News Resource

Jan 26, 2011 8:50:14 AM By Stu Sjouwerman
[caption id="attachment_130" align="aligncenter" width="488" caption="The banner at YourMoneyIsNotSafeInTheBank.org says it all!"] [/caption] The name of the site that provides the ...
Continue Reading

Hackers Pull A Tasty Variation on the ACH Cyberheist Technique

Jan 25, 2011 11:48:46 AM By Stu Sjouwerman
On January 19, PC World reported an interesting twist on an old but still favorite phishing scam called the ACH, or Automated Clearing House, scam in a story entitled "Hackers Steal ...
Continue Reading

Phishing Primer Part 2: Spotting the Lure

Jan 24, 2011 3:56:54 AM By Stu Sjouwerman
Last Thursday, we posted a blog entitled "Phishing Primer, Part 1;" here is Part 2 in that ongoing series of brief expositions on this fascinating subject that is also a clear and present ...
Continue Reading

FDIC Issues "Patriot Act" Phishing Scam Warning

Jan 21, 2011 6:02:58 AM By Stu Sjouwerman
Earlier this week on January 18, the US Federal Deposit Insurance Corporation (FDIC) issued its tenth special alert for 2011 (SA-10-2011). Its summary provides an excellent explanation ...
Continue Reading

Internet Security Awareness Training: The Enduring Value of User Education and Awareness

Jan 21, 2011 2:27:31 AM By Stu Sjouwerman
There’s an old saying that “If you create a system that any idiot can use, then only idiots will find it useful.” And while many companies and organizations may feel compelled to “dumb ...
Continue Reading

Internet Security Awareness Training Basics

Jan 19, 2011 6:33:26 AM By Stu Sjouwerman
A great many “teaching stories” from various traditions emphasize how the press of daily life, or normal human emotions, can crowd out and turn off common sense. At its core foundation, ...
Continue Reading

Phishing Primer, Part 1

Jan 18, 2011 3:41:55 AM By Stu Sjouwerman
Phishing takes its inspiration from the piscatorial arts, where an angler uses an attractive and perhaps even appetizing-looking or –seeming lure (well, to a fish anyway) to entice an ...
Continue Reading

Phishing for Trouble: At-work Email Behavior Can Affect the Bottom Line in Unexpected Ways

Jan 18, 2011 1:42:45 AM By Stu Sjouwerman
Even financial professionals can get snared at work by e-mails that purport to deal with routine, straightforward transactions. One interesting phishing scam that occurred as recently as ...
Continue Reading

Internet Security Awareness Training: KnowBe4 Is Going On The Road

Jan 17, 2011 5:10:40 PM By Stu Sjouwerman
KnowBe4 will be making a splash in 2011! We have several events on our calendar where you can see us and we hope to see you at several of these events where we would love to show you our ...
Continue Reading

Phish-Prone Percentage: 20%

Jan 13, 2011 6:50:18 AM By Stu Sjouwerman
Today we did a "Free Security Audit" with a company that wanted to test their 100+ employees. When we talked to the IT Manager and told him what simulated attack we were planning, he said ...
Continue Reading

Internet Security Awareness Training: Dynamic Content Updates - The Secret Sauce

Jan 8, 2011 5:09:51 PM By Stu Sjouwerman
Up to now, Security Awareness Training was static. Canned instruction sessions that could be a year old, an eternity on the Internet. Cyber criminals move fast though. Malware evolves ...
Continue Reading

Internet Security Awareness Training: 7 Reasons Why Organizations Use Online Training

Jan 8, 2011 5:09:09 PM By Stu Sjouwerman
7 Reasons Why Organizations Use Online Training 1. Reduce Costs - How you manage training is always about how you manage costs. 2. Access to Talent - Especially hard when it gets to ...
Continue Reading

Internet Security Awareness Training: Defense-In-Depth

Jan 8, 2011 4:01:33 PM By Stu Sjouwerman
What is defense-in-depth? Organizations defend their networks on each of the six levels in the graph you see. End-user Internet Security Awareness Training resides in the outer layer: ...
Continue Reading

Cybercrime and Cyberheists: How The Bad Guys Siphoned $70 Million

Jan 8, 2011 3:57:43 PM By Stu Sjouwerman
"The Internet is the crime scene of the 21st Century,"
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews